Main Vulnerability Database Vulnerabilities #VU99371

Permissions, Privileges, and Access Controls in macOS - CVE-2024-44265

Published: October 28, 2024

Vulnerability identifier: #VU99371

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-44265

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Apple Inc.

Affected software:
macOS

Detailed vulnerability description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions in Game Controllers. An attacker with physical access to device can input Game Controller events to apps running on a locked device.

How to mitigate CVE-2024-44265

Install updates from vendor's website.

Sources

https://support.apple.com/en-us/121568

Permissions, Privileges, and Access Controls in macOS - CVE-2024-44265

Detailed vulnerability description

How to mitigate CVE-2024-44265

Sources

Please verify you're human